From 0124bdbd750266e9751ed219f72eafd9d7d0037d Mon Sep 17 00:00:00 2001
From: Andrea Dell'Amico <andrea.dellamico@isti.cnr.it>
Date: Wed, 15 Apr 2020 13:44:44 +0200
Subject: [PATCH] Role that installs and configures phpMyAdmin.

---
 library/roles/phpMyAdmin/README.md            | 36 +++++++++++++++
 library/roles/phpMyAdmin/defaults/main.yml    | 45 ++++++++++++++++++
 library/roles/phpMyAdmin/handlers/main.yml    |  2 +
 library/roles/phpMyAdmin/meta/main.yml        | 46 +++++++++++++++++++
 library/roles/phpMyAdmin/tasks/main.yml       | 31 +++++++++++++
 .../templates/phpmyadmin-config.inc.php.j2    | 25 ++++++++++
 library/roles/phpMyAdmin/tests/inventory      |  2 +
 library/roles/phpMyAdmin/tests/test.yml       |  5 ++
 library/roles/phpMyAdmin/vars/main.yml        |  2 +
 9 files changed, 194 insertions(+)
 create mode 100644 library/roles/phpMyAdmin/README.md
 create mode 100644 library/roles/phpMyAdmin/defaults/main.yml
 create mode 100644 library/roles/phpMyAdmin/handlers/main.yml
 create mode 100644 library/roles/phpMyAdmin/meta/main.yml
 create mode 100644 library/roles/phpMyAdmin/tasks/main.yml
 create mode 100644 library/roles/phpMyAdmin/templates/phpmyadmin-config.inc.php.j2
 create mode 100644 library/roles/phpMyAdmin/tests/inventory
 create mode 100644 library/roles/phpMyAdmin/tests/test.yml
 create mode 100644 library/roles/phpMyAdmin/vars/main.yml

diff --git a/library/roles/phpMyAdmin/README.md b/library/roles/phpMyAdmin/README.md
new file mode 100644
index 00000000..afc69617
--- /dev/null
+++ b/library/roles/phpMyAdmin/README.md
@@ -0,0 +1,36 @@
+Role Name
+=========
+
+Role that installs phpMyAdmin. Optionally depends on apache/nginx and php-fpm. I do not force the dependency because it could be installed together with other PHP applications.
+
+Requirements
+------------
+
+Some PHP package dependencies are listed in the documentation at <https://docs.phpmyadmin.net/en/latest/require.html#php>.
+
+Role Variables
+--------------
+
+A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well.
+
+Dependencies
+------------
+
+No Galaxy dependecies right now
+
+Example Playbook
+----------------
+
+    - hosts: servers
+      roles:
+         - { role: phpMyAdmin }
+
+License
+-------
+
+EUPL 1.2
+
+Author Information
+------------------
+
+Andrea Dell'Amico, <andrea.dellamico@isti.cnr.it>
diff --git a/library/roles/phpMyAdmin/defaults/main.yml b/library/roles/phpMyAdmin/defaults/main.yml
new file mode 100644
index 00000000..5da9a42b
--- /dev/null
+++ b/library/roles/phpMyAdmin/defaults/main.yml
@@ -0,0 +1,45 @@
+---
+phpmyadmin_shared_installation: True
+phpmyadmin_behind_nginx: True
+phpmyadmin_behind_apache: False
+phpmyadmin_version: 5.0.2
+phpmyadmin_app: 'phpMyAdmin-{{ phpmyadmin_version }}-all-languages'
+phpmyadmin_download_link: 'https://files.phpmyadmin.net/phpMyAdmin/{{ phpmyadmin_version }}/{{ phpmyadmin_app }}.zip'
+
+phpmyadmin_install_dir: /srv/phpmyadmin
+phpmyadmin_phpfpm_pool_name: phpmyadmin
+phpmyadmin_phpfpm_pool_user: phpmyadmin
+phpmyadmin_phpfpm_doc_root: '{{ phpmyadmin_install_dir }}/phpmyadmin'
+phpmyadmin_phpfpm_app_context: '/phpmyadmin'
+phpmyadmin_phpfpm_listen_port: 9000
+phpmyadmin_phpfpm_pm_max_children: "6"
+phpmyadmin_phpfpm_pm_start_servers: 2
+phpmyadmin_phpfpm_pm_min_spare_servers: 2
+phpmyadmin_phpfpm_pm_max_spare_servers: 3
+phpmyadmin_phpfpm_virthost: '{{ ansible_fqdn }}'
+phpmyadmin_default_lang: 'en'
+#phpmyadmin_blowfish_secret: 'generate it'
+
+phpmyadmin_target_servers:
+  - { description: 'local mysql server', host: 'localhost', port: 3306, socket: '', ssl: 'true', auth_type: 'cookie', user: '', password: '', only_db: "'db1', 'db2'", allowroot: 'false' }
+
+phpmyadmin_php_packages:
+  - 'php{{ php_version }}-fpm'
+  - 'php{{ php_version }}-json'
+  - 'php{{ php_version }}-intl'
+  - 'php{{ php_version }}-cli'
+  - 'php{{ php_version }}-mysqlnd'
+  - 'php{{ php_version }}-gd'
+  - 'php{{ php_version }}-json'
+  - 'php{{ php_version }}-curl'
+  - 'php{{ php_version }}-mbstring'
+  - 'php{{ php_version }}-readline'
+  - 'php{{ php_version }}-bz2'
+  - 'php{{ php_version }}-zip'
+  - php-php-gettext
+  - php-phpseclib
+  - php-tcpdf
+  - imagemagick
+
+phpmyadmin_phpfpm_pool:
+  - { pool_name: '{{ phpmyadmin_phpfpm_pool_name }}', app_context: '{{ phpmyadmin_phpfpm_app_context }}', doc_root: '{{ phpmyadmin_install_dir }}', user: '{{ phpmyadmin_phpfpm_pool_user }}', group: '{{ phpfpm_co_guard_user }}', listen: '{{ phpfpm_listen_host }}:{{ phpmyadmin_phpfpm_listen_port }}', allowed_clients: '{{ phpfpm_default_allowed_clients }}', pm: '{{ phpfpm_default_pm }}', pm_max_children: '{{ phpmyadmin_phpfpm_pm_max_children }}', pm_start_servers: '{{ phpmyadmin_phpfpm_pm_start_servers }}', pm_min_spare: '{{ phpmyadmin_phpfpm_pm_min_spare_servers }}', pm_max_spare: '{{ phpmyadmin_phpfpm_pm_max_spare_servers }}', pm_max_requests: '{{ phpfpm_default_pm_max_requests }}', pm_status_enabled: '{{ phpfpm_default_pm_status_enabled }}', pm_status_path: '{{ phpfpm_default_pm_status_path }}', ping_enabled: '{{ phpfpm_default_ping_enabled }}', ping_path: '{{ phpfpm_default_ping_path }}', ping_response: '{{ phpfpm_default_ping_response }}', display_errors: '{{ phpfpm_default_display_errors }}', log_errors: '{{ phpfpm_default_log_errors }}', memory_limit: '{{ phpfpm_default_memory_limit }}', slowlog_timeout: '{{ phpfpm_default_slowlog_timeout }}', rlimit_files: '{{ phpfpm_default_rlimit_files }}', php_extensions: '{{ phpfpm_default_extensions }}', req_term_timeout: '240s', admin_write: True, virthost: '{{ phpmyadmin_phpfpm_virthost }}' }
diff --git a/library/roles/phpMyAdmin/handlers/main.yml b/library/roles/phpMyAdmin/handlers/main.yml
new file mode 100644
index 00000000..9df1fcb4
--- /dev/null
+++ b/library/roles/phpMyAdmin/handlers/main.yml
@@ -0,0 +1,2 @@
+---
+# handlers file for phpMyAdmin
\ No newline at end of file
diff --git a/library/roles/phpMyAdmin/meta/main.yml b/library/roles/phpMyAdmin/meta/main.yml
new file mode 100644
index 00000000..710b1a55
--- /dev/null
+++ b/library/roles/phpMyAdmin/meta/main.yml
@@ -0,0 +1,46 @@
+galaxy_info:
+  author: Andrea Dell'Amico
+  description: IT architect
+  company: ISTI-CNR
+
+  # If the issue tracker for your role is not on github, uncomment the
+  # next line and provide a value
+  # issue_tracker_url: http://example.com/issue/tracker
+
+  # Some suggested licenses:
+  # - BSD (default)
+  # - MIT
+  # - GPLv2
+  # - GPLv3
+  # - Apache
+  # - CC-BY
+  license: EUPL 1.2
+
+  min_ansible_version: 2.7
+
+  #
+  # Provide a list of supported platforms, and for each platform a list of versions.
+  # If you don't wish to enumerate all versions for a particular platform, use 'all'.
+  # To view available platforms and versions (or releases), visit:
+  # https://galaxy.ansible.com/api/v1/platforms/
+  #
+  platforms:
+  - name: EL
+    versions:
+    - 7
+  - name: Ubuntu
+    versions:
+    - bionic
+  
+  galaxy_tags: []
+    # List tags for your role here, one per line. A tag is a keyword that describes
+    # and categorizes the role. Users find roles by searching for tags. Be sure to
+    # remove the '[]' above, if you add tags to this list.
+    #
+    # NOTE: A tag is limited to a single word comprised of alphanumeric characters.
+    #       Maximum 20 tags per role.
+
+dependencies:
+  - { role: '../../library/roles/php-fpm', when: not phpmyadmin_shared_installation | bool }
+  - { role: '../../library/roles/nginx', when: not phpmyadmin_shared_installation | bool and phpmyadmin_behind_nginx | bool }
+  - { role: '../../library/roles/apache', when: not phpmyadmin_shared_installation | bool and phpmyadmin_behind_apache | bool }
diff --git a/library/roles/phpMyAdmin/tasks/main.yml b/library/roles/phpMyAdmin/tasks/main.yml
new file mode 100644
index 00000000..a5ea7b3b
--- /dev/null
+++ b/library/roles/phpMyAdmin/tasks/main.yml
@@ -0,0 +1,31 @@
+---
+- name: Install and configure phpMyAdmin
+  block:
+  - name: Create the phpmyadmin download directory
+    file: dest={{ phpmyadmin_install_dir }} state=directory
+
+  - name: Create the phpmyadmin download, upload and tmp directories
+    file: dest={{ item }} state=directory owner={{ phpmyadmin_phpfpm_pool_user }} mode=0700
+    with_items:
+      - '{{ phpmyadmin_install_dir }}/upload'
+      - '{{ phpmyadmin_install_dir }}/download'
+      - '{{ phpmyadmin_install_dir }}/tmp'
+
+  - name: Download and unarchive the phpMyAdmin distribution
+    unarchive: remote_src=yes src={{ phpmyadmin_download_link }} dest={{ phpmyadmin_install_dir }}
+    args:
+      creates: '{{ phpmyadmin_install_dir }}/{{ phpmyadmin_app }}/index.php'
+
+  - name: Remove the test and setup directories
+    file: dest={{ phpmyadmin_install_dir }}/{{ phpmyadmin_app }}/{{ item }} state=absent
+    with_items:
+      - 'test'
+      - setup
+
+  - name: Set the path to the phpMyAdmin installation
+    file: src={{ phpmyadmin_install_dir }}/{{ phpmyadmin_app }} dest={{ phpmyadmin_phpfpm_doc_root }} state=link
+
+  - name: Install the phpMyAdmin config file
+    template: src=phpmyadmin-config.inc.php.j2 dest={{ phpmyadmin_phpfpm_doc_root }}/config.inc.php owner={{ phpmyadmin_phpfpm_pool_user }} group={{ phpmyadmin_phpfpm_pool_user }} mode=0440
+
+  tags: [ 'phpMyadmin', 'phpmyadmin' ]
diff --git a/library/roles/phpMyAdmin/templates/phpmyadmin-config.inc.php.j2 b/library/roles/phpMyAdmin/templates/phpmyadmin-config.inc.php.j2
new file mode 100644
index 00000000..ef1c6595
--- /dev/null
+++ b/library/roles/phpMyAdmin/templates/phpmyadmin-config.inc.php.j2
@@ -0,0 +1,25 @@
+<?php
+/* Servers configuration */
+{% for server in phpmyadmin_target_servers %}
+/* Server: {{ server.description }} [{{ server.id }}] */
+$cfg['Servers'][{{ server.id }}]['verbose'] = '{{ server.description }}';
+$cfg['Servers'][{{ server.id }}]['host'] = '{{ server.host }}';
+$cfg['Servers'][{{ server.id }}]['port'] = {{ server.port }};
+$cfg['Servers'][{{ server.id }}]['socket'] = '{{ server.socket }}';
+$cfg['Servers'][{{ server.id }}]['ssl'] = {{ server.ssl }};
+$cfg['Servers'][{{ server.id }}]['auth_type'] = '{{ server.auth_type }}';
+$cfg['Servers'][{{ server.id }}]['user'] = '{{ server.user }}';
+$cfg['Servers'][{{ server.id }}]['password'] = '{{ server.password }}';
+$cfg['Servers'][{{ server.id }}]['only_db'] = array({{ server.only_db }});
+$cfg['Servers'][{{ server.id }}]['AllowRoot'] = {{ server.allowroot }};
+
+{% endfor %}
+/* End of servers configuration */
+
+$cfg['blowfish_secret'] = "{{ phpmyadmin_blowfish_secret }}";
+$cfg['DefaultLang'] = '{{ phpmyadmin_default_lang }}';
+$cfg['ServerDefault'] = 1;
+$cfg['UploadDir'] = '{{ phpmyadmin_install_dir }}/upload';
+$cfg['SaveDir'] = '{{ phpmyadmin_install_dir}}/download';
+$cfg['TempDir'] = '{{ phpmyadmin_install_dir}}/tmp';
+?>
\ No newline at end of file
diff --git a/library/roles/phpMyAdmin/tests/inventory b/library/roles/phpMyAdmin/tests/inventory
new file mode 100644
index 00000000..878877b0
--- /dev/null
+++ b/library/roles/phpMyAdmin/tests/inventory
@@ -0,0 +1,2 @@
+localhost
+
diff --git a/library/roles/phpMyAdmin/tests/test.yml b/library/roles/phpMyAdmin/tests/test.yml
new file mode 100644
index 00000000..17ba05e0
--- /dev/null
+++ b/library/roles/phpMyAdmin/tests/test.yml
@@ -0,0 +1,5 @@
+---
+- hosts: localhost
+  remote_user: root
+  roles:
+    - phpMyAdmin
\ No newline at end of file
diff --git a/library/roles/phpMyAdmin/vars/main.yml b/library/roles/phpMyAdmin/vars/main.yml
new file mode 100644
index 00000000..9cf9e6e6
--- /dev/null
+++ b/library/roles/phpMyAdmin/vars/main.yml
@@ -0,0 +1,2 @@
+---
+# vars file for phpMyAdmin
\ No newline at end of file